Monitoring Splunk

Community Activity

Disk Rate of Change Monitor I'd like to detect when disk rate of change exceeds 20% within a 1 hour period and the search below works for a singl... by ericca New Member in Monitoring Splunk 10-09-2013 0 2	0	2
No data in License Usage report We are having an issue viewing the License Usage report in Splunk 6.0 - no data is being displayed when trying to vie... by nragusa Engager in Monitoring Splunk 10-04-2013 2 2	2	2
Splunkd process on the indexer in clustering using too much RAM Hi, Splunkd process running on the indexers in using more RAM memory . With in last 7 days it has increased the usa... by ssankeneni Communicator in Monitoring Splunk 10-04-2013 1 5	1	5
Cache indexes in memory? I have an odd one that I imagine most folks here would not want to do. I am using Splunk as an analysis tool, not an ... by smileyge Path Finder in Monitoring Splunk 09-26-2013 2 4	2	4
What happened to sysmon.conf? [Registry Monitoring] I am trying to configure Windows registry monitoring via my Splunk Deployment Server but I am don't see anything in t... by mleidner New Member in Monitoring Splunk 09-26-2013 0 1	0	1
importtool not importing data Hello, Several months of data have been exported via exporttool (using the csv option) and is now ready to import the... by willamwar Path Finder in Monitoring Splunk 09-26-2013 0 7	0	7
Splunk optimization : dedup or latest()? Hi For last 2 months i created a lot of dashboards on Splunk. In most of my searchs i need to get only the last serie... by timmalos Communicator in Monitoring Splunk 09-24-2013 0 3	0	3
Summary index time grouping for performance Is there a significant performance difference in searching summary index aggregate results (result of stats command) ... by joebensimo Path Finder in Monitoring Splunk 09-19-2013 0 5	0	5
Best way to diagnose a Splunk performance problem? Server is timing out. I have Splunk + Enterprise Security running on a Linux server with dual quad-core processors (Intel Xeon 2.4GHZ) and ... by echojacques Builder in Monitoring Splunk 08-29-2013 1 3	1	3
Monitoring Symantec client for old virus definitions Is it possible to monitor below 2 situations via SEPM logs forwarded to Splunk via externla logging feature on SEPM c... by coolgagan13 New Member in Monitoring Splunk 08-28-2013 0 1	0	1
What does "Ignoring path due to: Could not checksum file" mean? In the splunkd.log file on my Light Forwarder server I have been seeing these errors for all the DHCP log files that ... by williamche Path Finder in Monitoring Splunk 08-26-2013 1 8	1	8
CPU alert when it exceeds a threshold index=os host=* sourcetype=cpu \| lookup chipotl fqdn as host \| search application_name="New Apps*" AND physical_envi... by sunilsk1 Path Finder in Monitoring Splunk 08-25-2013 0 5	0	5
DB Connect - OutOfMemoryError for db input Hi, I am experiencing an OutOfMemory Error for a specific Oracle DB input. It is one of three dbmon-tail inputs conf... by flle Path Finder in Monitoring Splunk 08-22-2013 0 6	0	6
Performance issue with large number of sources - even after cleaning the index Hi, this is a tricky question about the internals of Splunk. We had an issue with our installation: basically a sin... by grundsch Communicator in Monitoring Splunk 08-22-2013 0 7	0	7
Scaling out splunk environment Hi! I would like to ask question for the scale-out process for splunk. I am considering to build the splunk on sing... by yuwtennis Communicator in Monitoring Splunk 08-21-2013 0 1	0	1
Splunkbaseに画像をUploadする方法スクリーンショットをUploadするにはどうすればいいですか？＊自己回答です。以下のボタンをおして、画像を選択してもうまくUploadされない場合がありますが、 Uploadする画像を選択すると、自動的にURLのテキストボックス... by melonman Motivator in Monitoring Splunk 08-20-2013 0 2	0	2
500 -Splunk Daemon is not responding: I am getting this error when I load some of my dashboards: 500 -Splunk Daemon is not responding:([Errno 73] Connecti... by kmaynard616 Engager in Monitoring Splunk 08-17-2013 0 2	0	2
forward _internal index from deployment server Hi, I have the following outputs.conf set in deployment server but the _internal index doesn't seem to be forwarded t... by ch_goh Explorer in Monitoring Splunk 08-14-2013 0 3	0	3
An error occurred while rendering the page template. See web_service.log for more details Hi there, When i did splunk start, everything goes well. There was no error. but when i try to go to the url in my b... by lionel319 Explorer in Monitoring Splunk 08-12-2013 0 2	0	2
use field value to extract new field Hello, is possible to use field value to extract new field with splunk. for example i have a field Message whon cont... by ambemou New Member in Monitoring Splunk 08-09-2013 0 3	0	3
Which 'should' perform better? Multiple smaller searches time frames or single large search time frames I have a search performance issue that i'm running into with larger time frame searches in which the time taken is no... by Lucas_K Motivator in Monitoring Splunk 08-08-2013 0 4	0	4
Crash logs galore :( Trying to figure out what these crash logs mean, I get some every minute, sometimes multiple times: [build 149561] ... by jonathan_cooper Communicator in Monitoring Splunk 08-07-2013 1 5	1	5
restart_splunkd showing up in audit.log every minute -- I am not restarting Splunk every minute. I'm seeing the following entry every minute in audit.log: Audit:[timestamp=08-05-2013 18:10:09.376, user=admin, acti... by the_wolverine Champion in Monitoring Splunk 08-05-2013 0 1	0	1
"df" ave(used) not giving consistent results I have this search to find disk space use over time; `index="os" sourcetype="df" host=All_My_Servers \| multikv field... by hartfoml Motivator in Monitoring Splunk 08-05-2013 0 3	0	3
Knowledge Bundle Cache? I had two large apps causing my knowledge bundle to time out. I deleted both app folders in etc apps and in etc user ... by Strype Path Finder in Monitoring Splunk 08-01-2013 0 4	0	4